Re: [Exim] exim fine-tuning

Página Inicial
Esta mensagem é parte da seguinte discussão:
MÁrvore completa da discussão ordenada por data
M\Nigel Metheringham em <-
MMSuresh Ramasubramanian em ->
Delete this message
Reply to this message
Autor: Alan J. Flavell
Data:  
Para: Exim users list
Assunto: Re: [Exim] exim fine-tuning
On Mon, 19 Apr 2004, Nigel Metheringham wrote:

> On Mon, 2004-04-19 at 10:39, Alan J. Flavell wrote:
> > 1) HELO domain matches one of our own domains
>
> > Cases 1 and 2 are surprisingly widespread, considering that they
> > appear to be a sure-fire indicator of abuse. It's a puzzle to me just
> > why abusers would make themselves so obvious: what do they hope to
> > gain from it? Is there -any- mailer where either of these options
> > yield some positive benefit?
>
> I've noticed that Thunderbird (separate MUA component from Mozilla) will
> HELO with the domain part of the sending email account address. Now
> this should only be talking to its local MTA/MSA. However it may be
> worth being careful with this test - ie hold the reject to the MAIL
> FROM: ACL and make that conditional on it not being authenticated...

OK, I omitted to say it in so many words, but from the fact that I
said we still accept mail to the postmaster or abuse addresses, you
could deduce that we don't reject on these HELO patterns until we get
to the RCPT ACL.

And I can confirm that senders who are allowed to relay (because they
are local, or because they authenticated as one of our users) don't
have these restrictions applied to them.

Thanks for prompting the clarification.


Esta mensagem foi enviada para as seguintes listas:
Exim-users
Informações da lista | Mensagens recentes		<-Re: [Exim] Frozen messages showing <>[Exim] need help with smtp-auth client (exim4)->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versão 2.3)